Skip to content

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Ransomware

What is Ransomware?

Ransomware is a type of malicious software, or malware, that prevents you from accessing your computer files, systems, or networks and demands you pay a ransom for their return. Ransomware attacks can cause costly disruptions to operations and the loss of critical information and data.

You can unknowingly download ransomware onto a computer by opening an email attachment, clicking an ad, following a link, or even visiting a website that's embedded with malware.

Once the code is loaded on a computer, it will lock access to the computer itself or data and files stored there. More menacing versions can encrypt files and folders on local drives, attached drives, and even networked computers.

Most of the time, you don’t know your computer has been infected. You usually discover it when you can no longer access your data or you see computer messages letting you know about the attack and demanding ransom payments.

For the latest information on ransomware variants and campaigns, please see our Industry Alerts.

Tips to Avoid Ransomware

  • Keep operating systems, software, and applications current and up to date.
  • Make sure anti-virus and anti-malware solutions are set to automatically update and run regular scans.
  • Back up data regularly and double-check that those backups were completed.
  • Secure your backups. Make sure they are not connected to the computers and networks they are backing up.
  • Create a continuity plan in case your business or organization is the victim of a ransomware attack.

What to do in case of a Ransomware incident

  1. How to Respond

    The FBI does not support paying a ransom in response to a ransomware attack. Paying a ransom doesn't guarantee you or your organization will get any data back. It also encourages perpetrators to target more victims and offers an incentive for others to get involved in this type of illegal activity.

  2. File a Complaint

    File a detailed complaint at www.ic3.gov. It is vital the complaint contain all required data in provided fields, including the Ransomware variant name (if known); file extension of the encrypted file(s); cryptocurrency type and address; email address utilized by attackers; website(s) / URL(s) provided by attackers; ransom demand amount; whether the ransom was paid and if so, the amount paid.

  3. Stay Informed

    For the Latest information on ransomware variants and campaigns, please see our Industry Alerts.

Ransomware Resources

Terms and Conditions

Prior to filing a complaint with the IC3, please read the following information regarding terms and conditions.

Should you have additional questions prior to filing your complaint, view FAQ for more information on inquiries such as:

  • What details will I be asked to include in my complaint?
  • What happens after I file a complaint?
  • How are complaints resolved?
  • Should I retain evidence related to my complaint?

Complaints filed via this website are analyzed and may be referred to federal, state, local or international law enforcement and partner agencies for possible investigation.

The complaint information you submit to this site is encrypted via secure socket layer (SSL) encryption. Please see the Privacy Policy for further information.

We thank you for your cooperation.


By clicking "I Accept" you acknowledge the following:

I understand any contact or investigation regarding any complaint I file on this website is initiated at the discretion of the agency receiving the complaint information. I will not be contacted by the IC3.

The information I'm providing on this form is correct to the best of my knowledge. I understand that providing false information could make me subject to fine, imprisonment, or both. (TITLE 18, U.S. CODE, SECTION 1001)